CN108052843B - Safe mobile storage device and implementation method thereof - Google Patents
Safe mobile storage device and implementation method thereof Download PDFInfo
- Publication number
- CN108052843B CN108052843B CN201711391068.7A CN201711391068A CN108052843B CN 108052843 B CN108052843 B CN 108052843B CN 201711391068 A CN201711391068 A CN 201711391068A CN 108052843 B CN108052843 B CN 108052843B
- Authority
- CN
- China
- Prior art keywords
- data
- hard disk
- ukey
- disk
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
Abstract
The invention discloses a design scheme of sensitive data safety storage equipment, wherein the storage equipment comprises a compact disc and a UKEY, the compact disc comprises a disc 1 and a disc 2, and the disc 2 is pluggable. Sensitive information is divided into two parts to be encrypted and stored in the disk 1 and the disk 2 respectively, and the storage device can normally work only after the three parts exist simultaneously and mutual authentication of UKEY and a secret disk is completed. UKEY and hard disk share symmetric key, called key 1, in advance, and are stored in 512-byte secure storage areas of UKEY and disk 1, respectively. An encryption key, referred to as key 2, is also stored in the UKEY secure storage area for encrypting the disc 1 and disc 2 data. The invention has the beneficial effects that: by designing the storage equipment into a separable structure, when data are stored, the data are respectively stored after being split, and meanwhile, a UKEY and hard disk bidirectional authentication mechanism is arranged, so that the safety and stability of data storage are ensured.
Description
Technical Field
The invention relates to the field of data storage and information security, in particular to a secure mobile storage device and an implementation method thereof.
Background
Mobile storage devices, such as a usb disk and a mobile hard disk, are widely used due to their portability. Therefore, the security of data storage inside the mobile storage device is more and more concerned, and the current mobile storage device has no perfect data security storage mode and still has the risk of data storage.
An effective solution to the problems in the related art has not been proposed yet.
Disclosure of Invention
Aiming at the technical problems in the related art, the invention provides a cluster external data access method, which can conveniently use external data in the cluster using process.
In order to achieve the technical purpose, the technical scheme of the invention is realized as follows:
on one hand, the invention provides a safe mobile storage device, which comprises a hard disk and a UKEY, wherein the hard disk comprises a disk 1 and a disk 2, and one of the disk 1 and the disk 2 is pluggable; the hard disk and the UKEY share a symmetric key 1 in advance, and meanwhile, an encryption key 2 used for adding data of the hard disk 1 and the disk 2 is stored in the UKEY secure storage area.
Further, the disc 2 is pluggable, and the key 1 is stored in the UKEY and 512-byte secure storage area in the disc 1 respectively.
On the other hand, the invention also provides a method for realizing the safe mobile storage device, which comprises the following steps:
s1 when the hard disk is powered on, the hard disk firstly checks whether 512 bytes of the 512-byte safe storage area are legal, if not, firstly requests a legal 512-byte key from UKEY; if so, go to S2;
s2, generating a random number by the disc 1 by using a true random number generator, encrypting the random number by using a secret key 1, and then adding a head 2 to transmit the random number to a UKEY;
s3 UKEY decrypts the data by using the key 1 after receiving the data, checks the legality of the data packet, extracts the value of the random number if the data is the data transmitted from the legal disk 1, and then encrypts the key 2 in the memory and the extracted random number by the key 1 again and transmits the encrypted random number to the disk 1; if the verification is illegal, the verification fails;
s4, after receiving the data, the disc 1 decrypts the content, checks the validity of the data and the random number sent before, if the data can pass the detection, the UKEY identity authentication is considered to pass, and the secret key 2 in the information packet is extracted;
s5, after the authentication is completed and the data encryption key is obtained, the hard disk operates the data according to the instruction, if the instruction is a write-in instruction, the hard disk encrypts the data to be written in a fragmentation mode according to the data processing rule and stores the data to be written in the disk 1 and the disk 2; if the command is a reading command, the hard disk decrypts and combines the data again according to the data reading rule to recover the original state;
s6, when the hard disk is in working state, the hard disk and UKEY periodically carry out breath detection to check whether the UKEY is in normal state; if the abnormality exists, the hard disk stops working and returns to the initial state.
Further, the 512-byte storage area of the hard disk in S1 has the following two states: illegal state, all 0 state or non-zero but invalid state; legal status, with a status of 512 bytes of data valid.
Further, after receiving the data including the header 2, the UKEY in S3 decrypts the data by using the key 1, checks whether there is the header 1, and if so, adds the random number and the key 2 to the header 1, encrypts by using the key 1, and then adds the header 2; if not, returning to the initial state.
Further, after the hard disk is decrypted in S4, it is checked whether the header 1 and the random number are correct, and if they are correct, the key 2 is extracted, and if they are incorrect, the initial state is returned.
Further, the execution of the write instruction in S5 includes:
s11 obtaining data by the hard disk;
s12 dividing the data into two parts of odd and even by byte;
s13 encrypting the two parts respectively by using the key 2;
s14 storing the encrypted two parts in disc 1 and disc 2, respectively;
s15 adds the above two pieces of index information to the index file.
Further, the execution of the read instruction in S5 includes:
s21, obtaining the file name to be read by the hard disk;
s22 searching the file name A and the file name B in the index file;
s23 reads file name a and file name B from disc 1 and disc 2, respectively, and decrypts with key 2;
s24, the decrypted data of the file A is used as even bytes of a new file, the decrypted data of the file B is used as odd bytes, and the even bytes and the odd bytes are recombined into a file;
s25 hard disk output file.
Further, the file name 1.a identifies the file name of the encrypted even byte data stored on the disc 1, the file name 1.B identifies the file name of the encrypted odd byte data stored on the disc 1, the file name 2.a identifies the file name of the encrypted even byte data stored on the disc 2, and the file name 2.B identifies the file name of the encrypted odd byte data stored on the disc 2.
Further, the breath detection comprises the steps of:
s31, generating 32-bit random number R by the hard disk, encrypting ALIVECHK + R and then sending the encrypted ALIVECHK + R to UKEY;
s32 UKEY decrypts and extracts R, and encrypts REQCCHECK + R and returns the R to the hard disk;
s33 the hard disk checks whether the returned random number is correct, if so, the hard disk continues working; otherwise, returning to the initial state.
The invention has the beneficial effects that: by designing the storage equipment into a separable structure, when data are stored, the data are respectively stored after being split, and meanwhile, a UKEY and hard disk bidirectional authentication mechanism is arranged, so that the safety and stability of data storage are ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a schematic flowchart of a data storage method of a secure mobile storage device according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a data reading method of a secure mobile storage device according to an embodiment of the present invention;
FIG. 3 is a schematic flowchart illustrating a secure mobile storage device according to an embodiment of the present invention;
fig. 4 is a schematic flowchart illustrating the process of performing identity authentication and key transmission between a hard disk and a UKEY according to an embodiment of the present invention;
FIG. 5 is a schematic flow chart of breath detection according to an embodiment of the present invention;
fig. 6 is a diagram illustrating a complete information format according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments that can be derived by one of ordinary skill in the art from the embodiments given herein are intended to be within the scope of the present invention.
As shown in fig. 1 to 6, in one aspect, the present invention provides a secure mobile storage device, including a hard disk and a UKEY, where the hard disk includes a disk 1 and a disk 2, and one of the disk 1 and the disk 2 is pluggable; the hard disk and the UKEY share a symmetric key 1 in advance, and meanwhile, an encryption key 2 used for adding data of the hard disk 1 and the disk 2 is stored in the UKEY secure storage area.
Further, the disc 2 is pluggable, and the key 1 is stored in the UKEY and 512-byte secure storage area in the disc 1 respectively.
On the other hand, the invention also provides a method for realizing the safe mobile storage device, which comprises the following steps:
s1 when the hard disk is powered on, the hard disk firstly checks whether 512 bytes of the 512-byte safe storage area are legal, if not, firstly requests a legal 512-byte key from UKEY; if so, go to S2;
s2, generating a random number by the disc 1 by using a true random number generator, encrypting the random number by using a secret key 1, and then adding a head 2 to transmit the random number to a UKEY;
s3 UKEY decrypts the data by using the key 1 after receiving the data, checks the legality of the data packet, extracts the value of the random number if the data is the data transmitted from the legal disk 1, and then encrypts the key 2 in the memory and the extracted random number by the key 1 again and transmits the encrypted random number to the disk 1; if the verification is illegal, the verification fails;
s4, after receiving the data, the disc 1 decrypts the content, checks the validity of the data and the random number sent before, if the data can pass the detection, the UKEY identity authentication is considered to pass, and the secret key 2 in the information packet is extracted;
s5, after the authentication is completed and the data encryption key is obtained, the hard disk operates the data according to the instruction, if the instruction is a write-in instruction, the hard disk encrypts the data to be written in a fragmentation mode according to the data processing rule and stores the data to be written in the disk 1 and the disk 2; if the command is a reading command, the hard disk decrypts and combines the data again according to the data reading rule to recover the original state;
s6, when the hard disk is in working state, the hard disk and UKEY periodically carry out breath detection to check whether the UKEY is in normal state; if the abnormality exists, the hard disk stops working and returns to the initial state.
Further, the 512-byte storage area of the hard disk in S1 has the following two states: illegal state, all 0 state or non-zero but invalid state; legal status, with a status of 512 bytes of data valid.
Further, after receiving the data including the header 2, the UKEY in S3 decrypts the data by using the key 1, checks whether there is the header 1, and if so, adds the random number and the key 2 to the header 1, encrypts by using the key 1, and then adds the header 2; if not, returning to the initial state.
Further, after the hard disk is decrypted in S4, it is checked whether the header 1 and the random number are correct, and if they are correct, the key 2 is extracted, and if they are incorrect, the initial state is returned.
Further, the execution of the write instruction in S5 includes:
s11 obtaining data by the hard disk;
s12 dividing the data into two parts of odd and even by byte;
s13 encrypting the two parts respectively by using the key 2;
s14 storing the encrypted two parts in disc 1 and disc 2, respectively;
s15 adds the above two pieces of index information to the index file.
Further, the execution of the read instruction in S5 includes:
s21, obtaining the file name to be read by the hard disk;
s22 searching the file name A and the file name B in the index file;
s23 reads file name a and file name B from disc 1 and disc 2, respectively, and decrypts with key 2;
s24, the decrypted data of the file A is used as even bytes of a new file, the decrypted data of the file B is used as odd bytes, and the even bytes and the odd bytes are recombined into a file;
s25 hard disk output file.
Further, the file name 1.a identifies the file name of the encrypted even byte data stored on the disc 1, the file name 1.B identifies the file name of the encrypted odd byte data stored on the disc 1, the file name 2.a identifies the file name of the encrypted even byte data stored on the disc 2, and the file name 2.B identifies the file name of the encrypted odd byte data stored on the disc 2.
Further, the breath detection comprises the steps of:
s31, generating 32-bit random number R by the hard disk, encrypting ALIVECHK + R and then sending the encrypted ALIVECHK + R to UKEY;
s32 UKEY decrypts and extracts R, and encrypts REQCCHECK + R and returns the R to the hard disk;
s33 the hard disk checks whether the returned random number is correct, if so, the hard disk continues working; otherwise, returning to the initial state.
Further, the encryption and decryption algorithms mentioned in the present invention include various known encryption and decryption algorithms.
In order to facilitate understanding of the above-described technical aspects of the present invention, the above-described technical aspects of the present invention will be described in detail below in terms of specific usage.
The invention provides a design scheme of sensitive data safety storage equipment, wherein the storage equipment comprises a hard disk and a UKEY, the hard disk comprises a disk 1 and a disk 2, and the disk 2 is pluggable. Sensitive information is divided into two parts to be respectively encrypted and stored in the disk 1 and the disk 2, and the storage device designed by the scheme can normally work only when the three parts exist simultaneously and the mutual authentication of the UKEY and the hard disk is completed. UKEY and hard disk share symmetric key, called key 1, in advance, and are stored in 512-byte secure storage areas of UKEY and disk 1, respectively. An encryption key, called key 2, for encrypting data of the hard disk 1 and the disk 2 is also stored in the UKEY secure storage area.
As shown in fig. 1 to 6, in a specific use, the working flow of the secure mobile storage device according to the present invention is as follows:
s1 when the hard disk is powered on, the hard disk firstly checks whether 512 bytes of the 512-byte safe storage area are legal, if not, firstly requests a legal 512-byte key from UKEY; if it is legitimate, S2 is performed. The definition of two states of a 512-byte storage area of the hard disk is as follows: illegal state, all 0 state or non-zero but invalid state; legal status, with a status of 512 bytes of data valid.
S2, generating a random number by the disc 1 by using a true random number generator, encrypting the random number by using a secret key 1, and then adding a head 2 to transmit the random number to a UKEY;
s3 UKEY decrypts the data by using the key 1 after receiving the data, checks the legality of the data packet, if the head 1 exists, the data is the data transmitted from the legal disk 1, extracts the value of the random number at this time, adds the key 2 in the memory and the extracted random number into the head 1, encrypts the data by using the key 1 again, and then adds the head to transmit the data to the disk 1; if the header 1 is not present, it is invalid and returns to the initial state.
S4, after receiving the data, the disc 1 decrypts the content, checks whether the validity of the data and the random number sent before are correct, if the data and the random number can pass the detection, the UKEY identity authentication is considered to pass, and the secret key 2 in the information packet is extracted; otherwise, returning to the initial state.
And S5, after the authentication is completed and the data encryption key is obtained, the hard disk operates the data according to the instruction.
If the command is a write command, the hard disk performs fragment encryption on data to be written according to a data processing rule and stores the data into the disk 1 and the disk 2, and the method specifically comprises the following steps: s11 obtaining data by the hard disk; s12 dividing the data into two parts of odd and even by byte; s13 encrypting the two parts respectively by using the key 2; s14 storing the encrypted two parts in disc 1 and disc 2, respectively; s15 adds the above two pieces of index information to the index file.
If the command is a read command, the hard disk decrypts and combines the data again according to the data read rule to recover the original state, which specifically comprises the following steps: s21, obtaining the file name to be read by the hard disk; s22 searching the file name A and the file name B in the index file; s23 reads file name a and file name B from disc 1 and disc 2, respectively, and decrypts with key 2; s24, the decrypted data of the file A is used as even bytes of a new file, the decrypted data of the file B is used as odd bytes, and the even bytes and the odd bytes are recombined into a file; s25 hard disk output file.
S6, when the hard disk is in working state, the hard disk and UKEY periodically carry out breath detection to check whether the UKEY is in normal state; if the abnormality exists, the hard disk stops working and returns to the initial state. The breath detection includes: the hard disk generates 32-bit random number R, encrypts ALIVECHK + R and then sends the encrypted ALIVECHK + R to UKEY; extracting R after decryption by UKEY, and returning the encrypted REQCCHECK + R to the hard disk; the hard disk checks whether the returned random number is correct, and if the returned random number is correct, the hard disk continues to work; otherwise, returning to the initial state.
Further, the file name 1.a identifies the file name of the encrypted even byte data stored on the disc 1, the file name 1.B identifies the file name of the encrypted odd byte data stored on the disc 1, the file name 2.a identifies the file name of the encrypted even byte data stored on the disc 2, and the file name 2.B identifies the file name of the encrypted odd byte data stored on the disc 2.
The 512-byte storage area of the hard disk has the following two states:
illegal state: all 0 states or non-zero but invalid states
Legal state: state with valid 512 bytes of data
For example: the 10 th to 20 th bytes are the device ID, the last 4 bytes are the CRC check value of the entire block, the position of 100+4 × n + n is the key (n =1, 2 … ….16), and the rest is the random number. If the CRC value of the first 508 bytes is the same as the last 4 bytes, the state is legal, otherwise, the state is illegal.
In summary, according to the above technical solution of the present invention, by designing the storage device into a separable structure, when storing data, the data is split and then stored, and meanwhile, a UKEY and hard disk bidirectional authentication mechanism is provided, so as to ensure the safety and stability of data storage.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (4)
1. The safe mobile storage equipment is characterized by comprising a hard disk and a UKEY, wherein the hard disk comprises a disk 1 and a disk 2, and one of the disk 1 and the disk 2 is pluggable; the hard disk and the UKEY share a symmetric key 1 in advance, and meanwhile, an encryption key 2 used for encrypting data of the disk 1 and the disk 2 is stored in the UKEY secure storage area;
the implementation method of the safe mobile storage device comprises the following steps:
s1 when the hard disk is powered on, the hard disk firstly checks whether 512 bytes of the 512-byte safe storage area are legal, if not, firstly requests a legal 512-byte key from UKEY; if it is legal, S2 is executed, wherein the 512-byte storage area of the hard disk has the following two states: illegal state, all 0 state or non-zero but invalid state; legal status, with status of 512 bytes of data valid;
s2, generating a random number by the disc 1 by using a true random number generator, encrypting the random number by using a secret key 1, and then adding a head 2 to transmit the random number to a UKEY;
s3 UKEY decrypts the data by using the key 1 after receiving the data, checks the legality of the data packet, extracts the value of the random number if the data is the data transmitted from the legal disk 1, and then encrypts the key 2 in the memory and the extracted random number by the key 1 again and transmits the encrypted random number to the disk 1; if the data is illegal, the verification fails, wherein after the UKEY receives the data containing the head 2, the UKEY decrypts the data by using the secret key 1 and checks whether the head 1 exists, if so, the random number and the secret key 2 are added into the head 1 together, and the head 2 is added after the encryption by using the secret key 1; if not, returning to the initial state;
s4, after receiving the data, the disk 1 decrypts the content, checks the validity of the data and the random number sent before, if the data can pass the detection, the UKEY identity authentication is considered to pass, the key 2 in the information packet is extracted, wherein, after the hard disk is decrypted, the head 1 and the random number are checked whether to be correct, if the head 1 and the random number are correct, the key 2 is extracted, and if the head 1 and the random number are incorrect, the initial state is returned;
s5, after the authentication is completed and the data encryption key is obtained, the hard disk operates the data according to the instruction, if the instruction is a write-in instruction, the hard disk encrypts the data to be written in a fragmentation mode according to the data processing rule and stores the data to be written in the disk 1 and the disk 2; if the command is a read command, the hard disk decrypts and combines the data again according to the data read rule to recover the original state, wherein,
the execution process of the write command comprises the following steps:
s11 obtaining data by the hard disk;
s12 dividing the data into two parts of odd and even by byte;
s13 encrypting the two parts respectively by using the key 2;
s14 storing the encrypted two parts in disc 1 and disc 2, respectively;
s15, adding the index information of the two parts into the index file;
the execution process of the reading instruction comprises the following steps:
s21, obtaining the file name to be read by the hard disk;
s22 searching the file name A and the file name B in the index file;
s23 reads file name a and file name B from disc 1 and disc 2, respectively, and decrypts with key 2;
s24, the decrypted data of the file A is used as even bytes of a new file, the decrypted data of the file B is used as odd bytes, and the even bytes and the odd bytes are recombined into a file;
s25 hard disk output file;
s6, when the hard disk is in working state, the hard disk and UKEY periodically carry out breath detection to check whether the UKEY is in normal state; if the abnormality exists, the hard disk stops working and returns to the initial state.
2. The secure mobile storage device of claim 1, wherein the disk 2 is pluggable, and the key 1 is stored in 512-byte secure storage areas of the UKEY and the disk 1, respectively.
3. The secure mobile storage device of claim 1, wherein filename 1.a identifies the filename of the encrypted even byte data stored on disc 1, filename 1.B identifies the filename of the encrypted odd byte data stored on disc 1, filename 2.a identifies the filename of the encrypted even byte data stored on disc 2, and filename 2.B identifies the filename of the encrypted odd byte data stored on disc 2.
4. The secure mobile storage device of claim 1, wherein said breath detection comprises the steps of:
s31, generating 32-bit random number R by the hard disk, encrypting ALIVECHK + R and then sending the encrypted ALIVECHK + R to UKEY;
s32 UKEY decrypts and extracts R, and encrypts REQCCHECK + R and returns the R to the hard disk;
s33 the hard disk checks whether the returned random number is correct, if so, the hard disk continues working; otherwise, returning to the initial state.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711391068.7A CN108052843B (en) | 2017-12-21 | 2017-12-21 | Safe mobile storage device and implementation method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711391068.7A CN108052843B (en) | 2017-12-21 | 2017-12-21 | Safe mobile storage device and implementation method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108052843A CN108052843A (en) | 2018-05-18 |
CN108052843B true CN108052843B (en) | 2020-10-09 |
Family
ID=62130947
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711391068.7A Active CN108052843B (en) | 2017-12-21 | 2017-12-21 | Safe mobile storage device and implementation method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108052843B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111241606B (en) * | 2020-01-21 | 2021-03-23 | 北京连山科技股份有限公司 | One drags three mobile storage device |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE69636823T2 (en) * | 1995-06-30 | 2007-10-18 | Sony Corp. | Data recording method, data reproducing method, and data recording / reproducing device and recording medium |
JP4387962B2 (en) * | 2005-02-18 | 2009-12-24 | 株式会社東芝 | Content reproduction apparatus, content reproduction method, and program |
US20080313473A1 (en) * | 2007-06-12 | 2008-12-18 | Les Technologies Deltacrypt | Method and surveillance tool for managing security of mass storage devices |
CN103793666A (en) * | 2014-01-24 | 2014-05-14 | 中经云数据存储科技(北京)有限公司 | Data file protecting method and system |
CN104951409B (en) * | 2015-06-12 | 2019-03-08 | 中国科学院信息工程研究所 | A kind of hardware based full disk encryption system and encryption method |
CN105279453B (en) * | 2015-09-25 | 2018-04-06 | 南京伍安信息科技有限公司 | It is a kind of to support the partitions of file for separating storage management to hide system and method |
-
2017
- 2017-12-21 CN CN201711391068.7A patent/CN108052843B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN108052843A (en) | 2018-05-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110266467B (en) | Method and device for realizing dynamic encryption based on block height | |
CN103701757B (en) | Identity authentication method and system for service access | |
US9769654B2 (en) | Method of implementing a right over a content | |
CN106227503A (en) | Safety chip COS firmware update, service end, terminal and system | |
JP2005050320A (en) | Access method | |
TWI631462B (en) | Computing system and computing device-implemented method to secure on-board bus transactions and non-transitory computer readable storage medium | |
EP2629223A1 (en) | System, devices and methods for collaborative execution of a software application comprising at least one encrypted instruction | |
CN107908574A (en) | The method for security protection of solid-state disk data storage | |
CN110276610B (en) | Method and device for realizing dynamic encryption based on transaction offset | |
CN110716728B (en) | Credible updating method and device for FPGA (field programmable Gate array) logic | |
JP2014175970A (en) | Information distribution system, information processing device, and program | |
CN112088376A (en) | File storage method and device and storage medium | |
CN103606223A (en) | Card authentication method and device | |
CN115865448A (en) | Data self-encryption device and method | |
CN108052843B (en) | Safe mobile storage device and implementation method thereof | |
JP2008508763A (en) | Apparatus and method for providing and decrypting network content encrypted using key encryption key scheme | |
US9979541B2 (en) | Content management system, host device and content key access method | |
CN110751555B (en) | Method and device for realizing contract calling based on FPGA | |
US10057054B2 (en) | Method and system for remotely keyed encrypting/decrypting data with prior checking a token | |
CN101883357A (en) | Method, device and system for mutual authentication between terminal and intelligent card | |
JP6246516B2 (en) | Information processing system | |
CN110008724A (en) | Solid-state hard disk controller method for secure loading, device and storage medium | |
CN108229216A (en) | A kind of safe mobile memory apparatus and its data deposit, withdraw method | |
KR101327193B1 (en) | A user-access trackable security method for removable storage media | |
CN108921561B (en) | Digital hot wallet based on hardware encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210423 Address after: 101300 2nd floor, building 3, 19 Dongying Road, zhaoquanying Town, Shunyi District, Beijing Patentee after: Beijing Lianshan Science and Technology Co.,Ltd. Address before: No. 1, building No. 1, courtyard No. 2, Yongcheng North Road, Haidian District, Beijing, Beijing 402 Patentee before: BEIJING LIANSHAN TIMES TECHNOLOGY Co.,Ltd. |